DEPRECATED: Use of Dynamic Class Loading
This entry has been retired. Its content is now covered elsewhere, primarily because it described a standard programming technique rather than a specific vulnerability and overlapped with other existing weakness entries.
This CWE entry was deprecated because it focused on the mechanism of dynamic class loading itself, which is a legitimate and often necessary feature of modern programming languages and frameworks. The core security concern isn't the act of loading code dynamically, but how it's done—specifically, whether untrusted or unvalidated input controls what gets loaded. This distinction is crucial for developers to understand, as the feature is not inherently flawed. For practical security guidance, you should refer to related weaknesses that address the actual risks. These include using unvalidated input to influence class loading decisions (which can lead to path traversal or remote code execution) and the broader category of unsafe reflection. The retirement of this entry helps streamline the CWE list to focus on concrete, exploitable patterns rather than general programming concepts.